Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability. Due to the lack of validation while these home gateway products install APK plugins, an attacker tricks a user into installing a malicious APK plugin, and plugin can overwrite arbitrary file of devices. Successful exploit may result in arbitrary code execution or privilege escalation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Huawei HiRouter-CD20和WS5200 路径遍历漏洞
Vulnerability Description
Huawei HiRouter-CD20和WS5200都是中国华为(Huawei)公司发布的家庭路由器产品。 Huawei HiRouter-CD20 HiRouter-CD20-10 1.9.6之前版本和WS5200 WS5200-10 1.9.6之前版本中存在路径遍历漏洞,该漏洞源于程序在安装APK插件时校验不足。攻击者可通过诱使用户安装可以覆盖设备中任意文件的恶意APK插件利用该漏洞执行任意代码或提升权限。
CVSS Information
N/A
Vulnerability Type
N/A